Daemon monitoring the spamd logfile and doing DNS-BL lookups for the connecting hosts using spamdb for trapping those listed in one of the configured black lists.

Markus Hennecke 204f4d0e07 Adapt to latest log.[ch] changes in OpenBSD base 2 éve
.gitignore 68ece0671e Initial commit. 5 éve
Makefile 1154fb5452 Add correct MANDIR definition 3 éve
README.md 040aa13c1e Fix config example 5 éve
dnsbl.c 204f4d0e07 Adapt to latest log.[ch] changes in OpenBSD base 2 éve
dnsbl.h 37a638b815 Drop privileges in child processes 5 éve
log.c 204f4d0e07 Adapt to latest log.[ch] changes in OpenBSD base 2 éve
log.h 204f4d0e07 Adapt to latest log.[ch] changes in OpenBSD base 2 éve
parser.y 68ece0671e Initial commit. 5 éve
spamd-dnsbld.8 9148344b1c Add man pages 5 éve
spamd-dnsbld.conf 68ece0671e Initial commit. 5 éve
spamd-dnsbld.conf.5 2210514a8e Add unveil(2) calls 5 éve
spamd_dnsbld.rc 68ece0671e Initial commit. 5 éve

README.md

spamd-dnsbld

Daemon watching the spamd log file and querying DNS blacklists if new entries are created automatically, grey trapping those hosts that were found offensive.

Configuration Example

set autowhitelist off
spamd logfile "/var/log/spamd"
list "spamhaus" has dns "zen.spamhaus.org"
list "spamcop" has dns "bl.spamcop.net"

Function description

The default is to not whitelist entries if none of the configured DNS-BLs have the connecting IP address listed.

The logfile is opened and monitored for new lines. If a line is found matching a spamd entry with an IP address and the string "connected" the daemon forks and does a DNS lookup on all the configured lists. The first of those lookups returning an address starting with 127.0.x.x that address is fed to spamdb by executing /usr/sbin/spamdb -t -a ${ip}. If there is no match and the autowhitelist setting is on the IP is whitelisted by calling /usr/sbin/spamdb -a ${ip}. In case of that setting beeing off nothing is done and spamd can use the normal grey listing process.

Logging

If not started in foreground mode the daemon will daemonize and log to syslog. It comes handy to have the daemon log into it's own logfile adding these lines to /etc/syslog.conf:

!!spamd-dnsbl
daemon.*						/var/log/spamd-dnsbl
!*

The same can be done for the spamd log, pointing the logfile in the config file to that location. The logfile can be rotated automatically with this setting in /etc/newsyslog.conf:

/var/log/spamd-dnsbl	root:wheel	600   3     *    $M1D1 Z